Password Sanity

I just found the center for password sanity. My joy lessened as I re-read the title and discovered it was the center for, not center of password sanity 🙂

I’m currently working on a system where I have different passwords (and usernames) for

• LAN login
• HelpDesk login
• Firewall login
• Internet login
• Server logins
• Other Applications, 1 per app

They are updated at irregular intervals and have different rules about how often you can repeat, number of characters. There is one which specifies atleast 6char + 2 numeric – but no! it’s has to be exactly 6+2 with no repeats for 12 passwords.

And then LAN admins wonder why people store them in files!

I did wonder if new passwords are checked for relevant strings and passed to HR as a staff retention trigger as some of the passwords I have become aware of give major clues that the person maybe leaving shortly.